OSC Staff Notice of Approval – IIROC Rules Notice 12-0363 – UMIR – Provisions Respecting Electronic Trading – Investment Industry Regulatory Organization of Canada (IIROC)

IIROC rule review

le 13 décembre 2012

Executive Summary

On December 7, 2012, the applicable securities regulatory authorities approved amendments ("Amendments") to UMIR respecting certain requirements for electronic trading on Canadian marketplaces.{1}

The Amendments, which are effective March 1, 2013:

align the requirements of UMIR to National Instrument 23-103 Electronic Trading and its Companion Policy ("ETR");
expand the existing supervisory requirements for trading to specifically include the establishment and maintenance of risk management and supervisory controls, policies and procedures related to access to one or more marketplaces and/or the use of an automated order system;
permit, in certain circumstances, a Participant to authorize an investment dealer to perform on its behalf the setting or adjustment of a risk management or supervisory control, policy or procedure by a written agreement;
impose specific gatekeeper obligations on a Participant who has authorized an investment dealer to perform on its behalf the setting or adjustment of a risk management or supervisory control, policy or procedure;
clarify the circumstances under which a trade may be cancelled, varied or corrected with notice to, or the consent of, a Market Regulator; and
make several editorial changes or consequential amendments to certain provisions including the incorporation into UMIR of defined terms used in the ETR.

The Amendments are effective March 1, 2013. However, IIROC recognizes that Participants and Access Persons may have significant systems work with respect to the introduction, pursuant to Part 7 of Policy 7.1, of automated controls to examine each order before entry on a marketplace to prevent the entry of an order which would result in:

the Participant or Access Person exceeding pre-determined credit or capital thresholds;
a client of the Participant exceeding pre-determined credit or other limits assigned by the Participant or to that client; or
the Participant, Access Person or client of the Participant exceeding pre-determined limits on the value or volume of unexecuted orders for a particular security or class of securities.

While IIROC expects that Participants and Access Persons will use best efforts to comply with the requirements for automated controls on that date, IIROC will allow Participants and Access Persons until May 31, 2013 to complete testing and fully implement such automated controls. All other requirements of the Amendments must be implemented by Participants and Access Persons by March 1, 2013.

The most significant impacts of the Amendments are to:

ensure that Participants and Access Persons adopt, document and maintain a system of risk management and supervisory controls, policies and procedures reasonably designed to manage the risks associated with electronic trading and access to marketplaces;
ensure that Participants and Access Persons are effectively supervising trading activity and are accounting for the risks associated with electronic access to marketplaces in their supervisory and compliance monitoring procedures; and
require an appropriate level of understanding, ongoing testing and appropriate monitoring of any automated order systems in use by a Participant, Access Person, or any client of the Participant.

On October 25, 2012, the CSA issued proposed amendments to National Instrument 23-103 Electronic Trading regarding aspects of the provision of third-party access to marketplaces, including direct electronic access ("CSA Access Proposal").{2} Concurrent with this CSA initiative, IIROC issued additional proposed amendments to UMIR regarding third-party access to marketplaces ("Proposed UMIR Access Amendments"){3} that will:

align UMIR with the CSA Access Proposal with provisions related to direct electronic access{4} provided by Participants to certain Canadian registrants and other clients;
introduce requirements for order routing arrangements{5} entered into by a Participant with investment dealers, foreign dealer equivalents{6} and other Participants; and
amend or clarify provisions related to order execution services{7} presently offered to a range of client account types.

1. Background to the Amendments

1.1 Electronic Trading Rule
1.1.1 Framework for Regulation of Electronic Trading
The ETR introduces a comprehensive framework designed to address areas of concern and risks brought about by electronic trading. Generally, the ETR places responsibility for managing risks and maintaining supervisory controls, policies and procedures related to electronic trading on:
a "marketplace participant" (defined as: a member of an exchange; user of a Quotation and Trade Reporting System; or subscriber of an ATS) whether trading is of a proprietary nature or on behalf of clients; and
a marketplace.
1.1.2 Requirements Applicable to Marketplace Participants
The ETR builds on the obligations outlined in Section 11.1 of National Instrument 31-103 Registration Requirements, Exemptions and Ongoing Registrant Obligations{8} ("NI 31-103") under which a registered firm must establish, maintain and apply policies and procedures that establish a system of controls and supervision sufficient to provide reasonable assurance that the firm and each individual acting on its behalf complies with securities legislation and manage the risks associated with its business in accordance with prudent business practices.
The ETR requires that these risk management and supervisory controls, policies and procedures must be reasonably designed to:
ensure that all orders are monitored pre- and post-trade;
systematically limit the financial exposure of the marketplace participant;
ensure compliance with all marketplace and regulatory requirements;
ensure the marketplace participant can stop or cancel the entry of orders to a marketplace;
ensure the marketplace participant can suspend or terminate any marketplace access granted to a client; and
ensure the entry of orders does not interfere with fair and orderly markets.
A participant dealer{9} may on a reasonable basis, authorize an investment dealer to perform on its behalf the setting or adjustment of a specific risk management or supervisory control, policy or procedure under certain circumstances where the investment dealer's relationship with an ultimate client would provide them with better access to information, and would thus provide for a more effective setting or adjusting of the control, policy or procedure. Granting such an authorization would require a written agreement between the participant dealer and the investment dealer, and a regular and ongoing assessment of the adequacy and effectiveness of such an agreement.
1.1.3 Requirements Applicable to Use of Automated Order Systems
The ETR establishes requirements surrounding the use of automated order systems.{10} A marketplace participant is required to take all reasonable steps to ensure that any use of an automated order system either by itself or by any client does not interfere with fair and orderly markets. Similarly, any client of a marketplace participant is itself obligated to take reasonable steps to ensure the same.
A marketplace participant must also have a level of knowledge and understanding of any automated order system used by itself or a client that is sufficient to identify and manage any risks associated with its use. A marketplace participant must also ensure that each automated order system is tested prior to use, and at least annually thereafter, and have controls in place to immediately disable and prevent orders generated by an automated order system from reaching a marketplace.
1.1.4 Requirements Applicable to Marketplaces
In addition to marketplace participants, the ETR also recognizes the role of the marketplace in managing the risks associated with electronic trading. The ETR places a requirement on a marketplace to prevent the execution of orders from exceeding price and/or volume thresholds set by the regulation services provider or by a marketplace if it is a recognized exchange or quotation and trade reporting system that directly monitors the conduct of its members or users and enforces certain requirements set pursuant to the CSA Trading Rules.{11}
The ETR also sets outs specific conditions under which a marketplace may cancel, vary or correct a trade executed on that marketplace. The marketplace must establish, maintain and ensure compliance with reasonable policies and procedures that clearly outline how a variation, cancellation or correction can occur, and must make these policies and procedures publicly available.
Additionally, the ETR requires a marketplace to provide a marketplace participant with access to its order and trade information on an immediate basis and on reasonable terms, to ensure that marketplace participants can effectively implement the risk management and supervisory controls policies and procedures required by the rule.
1.2 Pre-existing Supervision Obligations for Electronic Trading under UMIR
Currently, Rule 7.1 of UMIR establishes trading supervision obligations which Participants must follow, including:
adopting written policies and procedures to be followed by directors, officers, partners and employees of the Participant that are adequate, taking into account the business and affairs of the Participant, to ensure compliance with UMIR and each Policy; and
complying, prior to the entry of an order on a marketplace, with:
applicable regulatory standards with respect to the review, acceptance and approval of orders,
the policies and procedures adopted, and
all requirements of UMIR and each Policy.
Policy 7.1 of UMIR elaborates further on the responsibility of Participants for trading supervision and compliance, and certain elements of Policy 7.1 relate more particularly to electronic trading. Specifically, the obligation to supervise applies whether the order is entered on a marketplace:
by a trader employed by the Participant;
by an employee of the Participant through an order routing system;
directly by a client and routed to a marketplace through the trading system of the Participant; or
by any other means.
The Participant maintains responsibility for any order which is entered on a marketplace without the involvement of a trader employed by the Participant, as an example when the client maintains a "systems interconnect arrangement" in accordance with marketplace requirements. In such circumstances adequate supervision policies and procedures are required to address the potential additional risk exposure with orders not directly handled by the Participant but that remain the Participant's responsibility.

2. Discussion of the Amendments

The following is a summary of the principal components of the Amendments which are set out in Appendix A of this notice:

2.1 Trading Supervision Obligations
2.1.1 Risk Management and Supervisory Controls, Policies and Procedures
Rule 7.1 currently establishes trading supervision obligations which Participants must follow, including the establishment of written policies and procedures to ensure compliance with UMIR. With the ETR providing a new framework designed to mitigate the risks of electronic trading, the Amendments add several new subsections to align the supervisory requirements of Rule 7.1 with the requirements of the ETR.
The Amendments would require that a Participant or Access Person adopt a system of risk management controls designed to ensure the management of risks specifically associated with electronic trading. Particularly, they should be designed to manage the risks associated with access to one or more marketplaces, and if applicable, the use of any automated order system, by a Participant, a client of the Participant or an Access Person.
Part 7 of Policy 7.1 provides further information regarding the requirements set out in Rule 7.1, and details the expectations in regard to the elements of the risk management and supervisory controls, policies and procedures which must be employed by Participants and Access Persons. These must include:
automated controls to examine each order before entry on a marketplace to prevent the entry of an order which would result in:
the Participant or Access Person exceeding pre-determined credit or capital thresholds,
a client of the Participant exceeding pre-determined credit or other limits assigned by the Participant to that client, or
the Participant, Access Person or client of the Participant exceeding pre-determined limits on the value or volume of unexecuted orders for a particular security or class of securities;
provisions to prevent the entry of an order that is not in compliance with Requirements;{12}
provisions of immediate order and trade information to compliance staff of the Participant or Access Person; and
regular post-trade monitoring for compliance with Requirements.
The Amendments require the Participant to review and confirm at least annually, that the risk management and supervisory controls, policies and procedures are adequate, maintained and consistently applied, and that any deficiencies have been documented and remedied promptly.
2.1.2 Authorization to Set or Adjust Risk Management and Supervisory Controls, Policies and Procedures
Given that in certain circumstances, particular controls may be better placed under the direction of another dealer, proposed new subsection (7) of Rule 7.1 would, on a reasonable basis, allow the Participant to authorize an investment dealer to perform on its behalf the setting or adjustment of a specific risk management or supervisory control, policy or procedure.{13} Additionally, the Amendments provide the same flexibility provided by the ETR with respect to the development or implementation of such controls, and thus a Participant would be permitted to use the services of a third party provider that is independent of each client of the Participant, other than affiliates of the Participant. It is important to note that under the ETR, whether or not a third party solution is utilized, only the Participant is permitted to directly and exclusively set and adjust its supervisory and risk management controls.
The new subsection (8) of Rule 7.1 outlines specific requirements if either an authorization is made to an investment dealer or if a third party provider is utilized. Either situation requires a written agreement that will preclude the investment dealer or third party from providing any other person control over any aspect of the control, policy or procedure. Further, unless the investment dealer subject to the authorization agreement is also a Participant, subsection (8) will preclude any authorization with respect to an account in which the investment dealer or a related entity of the investment dealer holds a direct or indirect interest (other than that of commissions received on transactions or a reasonable fee for the administration of the account).
The policy rationale for permitting a Participant to authorize an investment dealer to perform on its behalf the setting or adjusting of a supervisory and risk management control is the recognition that situations exist where a participant dealer may determine that another investment dealer has a relationship with the ultimate client such that the investment dealer, having better access to information relating to the ultimate client, would be in a position to more effectively set or adjust the control, policy or procedure. As such, the Amendments only provide for an authorization with respect to accounts where the investment dealer is in fact trading for an ultimate client, and not in circumstances where there is no ultimate client and the trading is being made on a proprietary basis.
Upon entering into a written agreement pursuant to subsection (8), the Amendments require disclosure of the name and contact information of the investment dealer or third party to the Market Regulator, as well as any change in this information. The provision of this information will allow the Market Regulator to contact the investment dealer or third party to make enquiries about the application of the controls, policies or procedures to orders or trades in situations when additional information is needed.
If the Participant has authorized to an investment dealer or has utilized the services of a third party provider, the Participant is also required to review and confirm at least annually by the anniversary date of the written agreement with the investment dealer or third party, that the risk management and supervisory controls, policies and procedures are adequate, maintained and consistently applied, that any deficiencies have been documented and remedied promptly, and that the investment dealer or third party remains in compliance with the written agreement.
2.2 Specific Provisions Applicable to Automated Order Systems
In addition to the trading supervision obligations established by proposed amendments to Rule 7.1 described above, proposed new Part 8 to Policy 7.1 sets out specific supervisory provisions related to the use of automated order systems. As noted earlier, the risk management and supervisory controls, policies and procedures should be designed to manage the risk associated with access to one or more marketplaces, and if applicable, the use of any automated order system, by a Participant, Access Person, or any client.
The Amendments require that each Participant or Access Person have a level of knowledge and understanding of any automated order system used by the Participant, Access Person or a client of either. This level of knowledge should be sufficient to allow the Participant or Access Person to identify and manage risks associated with the use of the automated order system.
The Amendments require each Participant or Access Person to ensure that all automated order systems used by the Participant, any client of the Participant or an Access Person are tested in accordance with prudent business practices both initially before being used for the first time, and at least annually thereafter. This testing must be detailed in a written record in order to clearly demonstrate the testing undertaken by the Participant, Access Person and any third party services utilized to employ the automated order system or the risk management and supervisory controls, policies and procedures.
In establishing the parameters for the monitoring of order flow required under both the ETR and the Amendments, a Participant or Access Person should consider the strategy or strategies being employed by any automated order systems in use, and the potential market impact of defining such parameters inappropriately. In determining the appropriate scope of the order and trade parameters, policies and procedures the Participant or Access Person should, at a minimum, ensure they are set to prevent an order from exceeding:
the marketplace thresholds{14} applicable to the marketplace on which the order is entered, or
the limits publicly disclosed by IIROC for the exercise of the power of a Market Integrity Official under Rule 10.9 of UMIR for the triggering of a single-stock circuit breaker or regulatory intervention for the variation or cancellation of trade.{15}
Generally, it is expected that the risk management and supervisory controls, policies and procedures will be reasonably designed to prevent the entry of orders which would interfere with the operation of fair and orderly markets. The supervision and compliance procedures adopted by a Participant or Access Person should if applicable, contain detailed guidance on how the testing of client orders and trades is to be conducted to ensure that each automated order system is tested assuming various market conditions both initially and on at least an annual basis going forward.
Each Participant or Access Person must also have the capability to immediately disable any automated order system used by themselves or any client of the Participant, and thus prevent any orders generated by such system from reaching a marketplace. This would provide the Participant or Access Person the ability to intervene in the event of a malfunction or a situation where a system was being used improperly. A Participant or Access Person is ultimately responsible for any order entered or any trade executed on a marketplace, and this does not exclude situations where an automated order system malfunctions or is improperly used. Such responsibilities include situations where a malfunction causes a "runaway" algorithm even if the malfunction is attributed to an aspect of the automated order system that could not be accessed by the Participant or Access Person for purposes of testing.
2.3 Variation, Cancellation and Correction of Trades
Previously, Rule 7.11 prevented the cancellation or variation in price, volume or settlement date of an executed trade except in specific circumstances. Part 4 of the ETR sets out specific rules detailing when a marketplace can cancel, vary or correct a trade, and as such the language of Rule 7.11 has been amended to reflect this new framework. It now provides for the correction of a trade in addition to the cancellation and variation, and also stipulates that a marketplace can only take such actions:
• with the prior consent of the Market Regulator if the variation, cancellation or correction is necessary to correct an error caused by:
• a system or technological malfunction of the marketplace itself, or
• an individual acting on behalf of the marketplace; or
• with notice to the Market Regulator immediately following the variation, cancellation or correction:
• prior to the settlement of the trade by:
• the marketplace at the request of a party to the trade and with the consent of each Participant or Access Person that is a party to the trade, or
• the clearing agency through which the trade is or was to be cleared and settled, and
• after the settlement of the trade, by each Participant and Access Person that is a party to the trade.
2.4 Gatekeeper Obligations with Respect to Electronic Trading
Under the Amendments, Rule 7.1 of UMIR would allow for a Participant to authorize an investment dealer to perform on its behalf the setting or adjusting of a specific risk management or supervisory control, policy or procedure, or for a Participant to utilize the services of a third party provider. The Amendments add Rule 10.17 of UMIR which establishes certain gatekeeper obligations, and will require that in either of the above situations, the Participant must notify the Market Regulator if either the written agreement which sets out the terms of such arrangements has been terminated, or if the Participant has reason to believe that the investment dealer or third party has failed to remedy any deficiency identified by the Participant in its regular review.
2.5 Editorial and Consequential Amendments
The Amendments make several editorial or consequential amendments including:
adding a definition of ETR to Rule 1.1;
adding clause (c) to Rule 1.2 to note that every term used in UMIR which is defined or interpreted in the ETR (particularly, "automated order system", "marketplace and regulatory requirements" and "participant dealer") has the meaning ascribed to it in the ETR;
deleting phrases in Part 1 of Policy 7.1 to reflect the new rule framework in place under the ETR; and
adding language to Part 1 of Policy 7.1 to reflect guidance on the use of the "short-marking exempt" designation.{16}

3. Summary of the Impact of the Amendments

The following is a summary of the most significant impacts of the adoption of the Amendments. The Amendments:

ensure that Participants and Access Persons adopt, document and maintain a system of risk management and supervisory controls, policies and procedures reasonably designed to manage the risks associated with electronic trading and access to marketplaces;
ensure that Participants and Access Persons are effectively supervising trading activity and are accounting for the risks associated with electronic access to marketplaces in their supervisory and compliance monitoring procedures; and
require an appropriate level of understanding, ongoing testing and appropriate monitoring of any automated order systems in use by a Participant, any client of the Participant or an Access Person.

Under the Amendments, Access Persons have to specifically introduce risk management and supervisory controls, policies and procedures with respect to their direct trading on a marketplace as an Access Person (and not through a Participant). This parallels a requirement on Access Persons introduced in the ETR. However, Access Persons presently only have access to one marketplace which operates as a "negotiation" dark pool marketplace. The requirement will have little practical impact on an Access Person unless they become a subscriber to a new marketplace that is transparent.

There may be impacts to the market in the form of minimal additional latency on some order flow. Any additional latency will also be dependent on the type of trading strategies in use and the nature of the controls and risk management filters already in place. To the extent that additional latency may result, it is not expected to have a significant impact on the majority of trading. Persons employing trading strategies that rely on ultra-low latency connections may have to re-evaluate how they obtain access to a marketplace.

4. Technological Implications and Implementation Plan

The Amendments impose obligations on Participants and Access Persons to ensure that the risks associated with electronic trading are appropriately addressed through the establishment of reasonably designed risk management and supervisory controls, policies and procedures. The Amendments require pre-trade automated controls to prevent the entry of orders which would result in either the Participant or Access Person, or any client, exceeding pre-determined thresholds which would include credit or capital, as well as limits on the value or volume of unexecuted orders for a particular security or class of securities.

It is expected a Participant would already establish, maintain and apply policies and procedures that establish a system of controls and supervision sufficient to manage the risks associated with its business in accordance with prudent business practices as required both under section 11.1 of NI 31-103 and under Rule 7.1 and Policy 7.1. Additionally, those firms providing clients with electronic access to marketplaces would already be subject to similar requirements under the access rules of the various marketplaces to which the Participant or Access Person directs orders. Technology work and associated costs will likely be required, but the extent of these costs will vary dependent on the level of sophistication of current practices, and the nature of the business activities of the Participant or Access Person.

On the publication of the Proposed Amendments, IIROC expected that the amendments would become effective on the date IIROC publishes notice of approval of the amendments and that the implementation date would be the later of:

• March 1, 2013, the date the ETR becomes effective; and
• 120 days following the publication of notice of approval of the amendments.

As most of the Amendments are designed to align the requirements of UMIR to those of the ETR, IIROC concluded that, to avoid confusion in the industry, the Amendments should be effective with the introduction of ETR on March 1, 2013. IIROC and the CSA conducted a survey of members of the Investment Industry Association of Canada ("IIAC") on implementation of ETR and the Amendments. That survey indicated that there were no unique requirements of the Amendments (as compared with the requirements that aligned UMIR to the ETR) that could not be implemented on March 1, 2013. However, the results of the IIAC survey indicated that a limited number of Participants had concerns regarding their ability to complete systems testing by March 1, 2013.

IIROC recognizes that Participants and Access Persons may have significant systems work with respect to the introduction, pursuant to Part 7 of Policy 7.1, of automated controls to examine each order before entry on a marketplace to prevent the entry of an order which would result in:

• the Participant or Access Person exceeding pre-determined credit or capital thresholds;
• a client of the Participant exceeding pre-determined credit or other limits assigned by the Participant or to that client; or
• the Participant, Access Person or client of the Participant exceeding pre-determined limits on the value or volume of unexecuted orders for a particular security or class of securities.

While IIROC expects that Participants and Access Persons will use best efforts to comply with the requirements for automated controls on March 1, 2013, IIROC will allow Participants and Access Persons until May 31, 2013 to complete testing and fully implement such automated controls. All other requirements of the Amendments must be implemented by Participants and Access Persons by March 1, 2013.

The CSA has followed a comparable approach in respect of the implementation of the requirements for automated controls under ETR. Reference should be made to Multilateral CSA Staff Notice 23-313 issued by the CSA regarding the implementation date for certain aspects of ETR.{17}

{1} Reference should be made to IIROC Notice 12-0200 -- Rules Notice -- Request for Comments -- UMIR -- Provisions Respecting Electronic Trading (June 28, 2012) with which the proposed amendments were published for public comment (the "Proposed Amendments"). See Appendix B for the summary of comments received on the Proposed Amendments and the responses of IIROC. Column 1 of the table highlights the changes made to the Amendments as approved from the Proposed Amendments.
{2} Published at (2012) 35 OSCB beginning at page 9627.
{3} IIROC Notice 12-0315 -- Rules Notice -- Request for Comments -- UMIR -- Provisions Respecting Third-Party Electronic Access to Marketplaces (October 25, 2012), which includes proposed amendments to Dealer Member Rules 1300.1 and 3200 (the "Proposed DMR Amendments) relating to a proposed suitability exemption for clients provided with direct electronic access and a prohibition on allowing clients of an order execution service to use an automated order system or to manually send orders that exceed the volume threshold set by IIROC from time to time.
{4} The Proposed UMIR Access Amendments would define "direct electronic access" as an arrangement between a Participant and a client that permits the client to electronically transmit an order containing the identifier of the Participant: (a) through the systems of the Participant for automatic onward transmission to a marketplace; or (b) directly to a marketplace without being electronically transmitted through the systems of the Participant.
{5} The Proposed UMIR Access Amendments would define "routing arrangement" as an arrangement under which a Participant permits an investment dealer or foreign dealer equivalent to electronically transmit an order relating to a security: (a) through the systems of the Participant for automatic onward transmission to: (i) a marketplace to which the Participant has access using the identifier of the Participant, or (ii) a foreign organized regulated market to which the Participant has access directly or through a dealer in the other jurisdiction; or (b) directly to a marketplace using the identifier of the Participant without being electronically transmitted through the systems of the Participant.
{6} The Proposed UMIR Access Amendments would define a "foreign dealer equivalent" as "a person registered in a category analogous to that of investment dealer in a foreign jurisdiction that is a signatory to the International Organization of Securities Commissions' Multilateral Memorandum of Understanding".
{7} The Proposed UMIR Access Amendments would define "order execution service" as a service that meets the requirements, from time to time, under Dealer Member Rule 3200 -- Minimum Requirements for Dealer Members Seeking Approval under Rule 1300.1 for Suitability Relief for Trades Not Recommended by the Member.
{8} Published at http://www.osc.gov.on.ca/documents/en/Securities-Category3/ni_20120228_31-103_unofficial-consolidated.pdf
{9} The term "participant dealer" is defined in ETR as "a marketplace participant that is an investment dealer".
{10} The term "automated order system" is defined in ETR as "a system used to automatically generate or electronically transmit orders that are made on a pre-determined basis". As set out in section 1.2(1) of National Instrument 23-103 CP, an automated order system would encompass "both hardware and software used to generate or electronically transmit orders on a pre-determined basis and would include smart order routers and trading algorithms that are used by marketplace participants, offered by marketplace participants to clients or developed or used by clients."
{11} See section 8 of ETR. IIROC has sought public comment on the approach which should be adopted to the establishment of acceptable marketplace thresholds. See IIROC Notice 12-0162 -- Rules Notice -- Request for Comment -- UMIR -- Request for Comments on Marketplace Thresholds (May 10, 2012).
{12} "Requirements" include UMIR, applicable securities regulation, requirements of any self-regulatory organization applicable to the activity of the account and the rules and policies of any marketplace on which the account activity takes place. In particular, a Participant or Access Person that uses an automated order system must have appropriate parameters, policies and procedures to detect, prior to entry, an order that is "clearly erroneous" or "unreasonable" and which would interfere with fair and orderly markets if entered. See "Specific Provisions Applicable to Automated Order Systems".
{13} Under the Amendments, the term "investment dealer" is interpreted as "an investment dealer for the purposes of National Instrument 31-103 Registration Requirements, Exemptions and Ongoing Registrant Obligations".
{14} For further information on "marketplace thresholds" see IIROC Notice 12-0162 -- Rules Notice -- Request for Comments -- UMIR -- Request for Comments on Marketplace Thresholds (May 10, 2012).
{15} For further information see IIROC Notice IIROC Notice 12-0040 -- Rules Notice -- Guidance Note -- UMIR -- Guidance Respecting Implementation of Single-Stock Circuit Breakers (February 2, 2012) and IIROC Notice 12-0258 -- Rules Notice -- Guidance Note -- UMIR -- Guidance on Regulatory Intervention for the Variation or Cancellation of Trades (August 20, 2012).
{16} For further information, see IIROC Notice 12-0300 -- Rules Notice -- Guidance Note -- UMIR -- Guidance on "Short Sale" and "Short-Marking Exempt" Order Designations (October 11, 2012).
{17} Published at http://www.osc.gov.on.ca

Appendix A
Text of Provisions Respecting Electronic Trading

The Universal Market Integrity Rules are hereby amended as follows:

1. Rule 1.1 is amended by adding the following definition of "Electronic Trading Rules":
"Electronic Trading Rules" means National Instrument 23-103 Electronic Trading as amended, supplemented and in effect from time to time.
2. Rule 1.2 is amended by:
(a) deleting the word "and" at the end of clause (b);
(b) renumbering clause (c) of subsection (1) as clause (d), and
(c) inserting the following as clause (c) of subsection (1):
(c) defined or interpreted in the Electronic Trading Rules has the meaning ascribed to it in that National Instrument.
3. Rule 7.1 is amended by adding the following subsections:
(6) Notwithstanding any other provision of this Rule, a Participant or an Access Person shall adopt, document and maintain a system of risk management and supervisory controls, policies and procedures reasonably designed, in accordance with prudent business practices, to ensure the management of the financial, regulatory and other risks associated with:
(a) access to one or more marketplaces; and
(b) if applicable, the use by the Participant, any client of the Participant or the Access Person of an automated order system.
(7) A Participant may, on a reasonable basis:
(a) authorize an investment dealer to perform on its behalf the setting or adjusting of a specific risk management or supervisory control, policy or procedure; or
(b) use the services of a third party that provides risk management and supervisory controls, policies and procedures.
(8) An authorization over the setting or adjusting of a specific risk management or supervisory control, policy or procedure or retaining the services of a third party under subsection (7) must be in a written agreement with the investment dealer or third party that;
(a) precludes the investment dealer or third party from providing any other person control over any aspect of the specific risk management or supervisory control, policy or procedure;
(b) unless the authorization is to an investment dealer that is a Participant, precludes the authorization to the investment dealer over the setting or adjusting of a specific risk management or supervisory control, policy or procedure respecting an account in which the investment dealer or a related entity of the investment dealer holds a direct or indirect interest other than an interest in the commission charged on a transaction or reasonable fee for the administration of the account; and
(c) precludes the use of a third party unless the third party is independent of each client of the Participant other than affiliates of the Participant.
(9) A Participant shall forthwith notify the Market Regulator:
(a) upon entering into a written agreement with an investment dealer or third party described in subsection (8), of:
(i) the name of the investment dealer or third party, and
(ii) the contact information for the investment dealer or the third party which will permit the Market Regulator to deal with the investment dealer or third party immediately following the entry of an order or execution of a trade for which the Market Regulator wants additional information; and
(b) of any change in the information described in clause (a).
(10) The Participant shall review and confirm:
(a) at least annually that:
(i) the risk management and supervisory controls, policies and procedures under subsection (6) are adequate,
(ii) the Participant has maintained and consistently applied the risk management and supervisory controls, policies and procedures since the establishment of the controls, policies and procedures or the date of the last annual review, and
(iii) any deficiency in the adequacy of a control, policy or procedure has been documented and promptly remedied;
(b) if the Participant has authorized an investment dealer to perform on its behalf the setting or adjusting of a specific risk management or supervisory control, policy or procedure or retained the services of a third party, at least annually by the anniversary date of the written agreement with the investment dealer or third party that:
(i) the risk management and supervisory controls, policies and procedures adopted by the investment dealer or third party under subsection (6) are adequate,
(ii) the investment dealer or third party has maintained and consistently applied the risk management and supervisory controls, policies and procedures since the establishment of the controls, policies and procedures or the date of the last annual review, and
(iii) any deficiency in the adequacy of a control, policy or procedure has been documented by the Participant and promptly remedied by the investment dealer or third party, and
(iv) the investment dealer or third party is in compliance with the written agreement with the Participant.
4. Rule 7.11 is amended by:
(a) inserting in the title the words " and Correction" after the word "Cancellation";
(b) inserting in clause (b) the phrase "or corrected" immediately following the word "varied";
(c) deleting clause (d) and inserting the following clauses:
(d) with the prior consent of the Market Regulator, if the variation, cancellation or correction would be necessary to correct an error caused by a system or technological malfunction of the marketplaces systems or equipment or caused by an individual acting on behalf of the marketplace; or
(e) with notice to the Market Regulator immediately following the variation, cancellation or correction of the trade in such form and manner as may be required by the Market Regulator and such notice shall be given, if the variation, cancellation or correction is made:
(i) prior to the settlement of the trade, by:
(A) the marketplace on which the trade was executed at the request of a party to the trade and with the consent of each Participant and Access Person that is a party to the trade, or
(B) the clearing agency through which the trade is or was to be cleared and settled, and
(ii) after the settlement of the trade, by each Participant and Access Person that is a party to the trade.
5. Part 10 is amended by adding the following as Rule 10.17:
Gatekeeper Obligations with Respect to Electronic Trading
(1) A Participant that has, under Rule 7.1, authorized an investment dealer to perform on its behalf the setting or adjusting of a specific risk management or supervisory control, policy or procedure or the provision of risk management or supervisory controls, policies and procedures to a third party shall forthwith report to the Market Regulator the fact that:
(a) the written agreement with the investment dealer or third party has been terminated; or
(b) the Participant knows or has reason to believe that the investment dealer or third party has failed to promptly remedy any deficiency identified by the Participant.

The Policies to the Universal Market Integrity Rules are hereby amended as follows:

1. Part 1 of Policy 7.1 is amended by:
(a) replacing at the start of the seventh paragraph the word "Where" with the word "When";
(b) deleting in the seventh paragraph the phrase "(for example by a client with a systems interconnect arrangement in accordance with Policy 2-501 of the Toronto Stock Exchange)";
(c) adding at the end of the third bullet of the eight paragraph the phrase "other than a client required to use the "short-marking exempt" designation" ; and
(d) deleting at the end of the fourth bullet of the eighth paragraph the phrase "(unless the trading system of the Participant restricts trading activities in affected securities".
2. Part 2 of Policy 7.1 is amended by:
(a) deleting the phrases "Participants are reminded that", "the entry of", and "(For example, for Participants that are Participating Organizations of the TSE, reference should be made to the Policy on "Connection of Eligible Clients of Participating Organizations)"; and
(b) adding the word "entered" immediately before the phrase "must comply".
3. Part 3 of Policy 7.1 is amended in respect of the table of Minimum Compliance Procedures for Trading Supervision UMIR and Policies by:
(a) adding reference to "Electronic Access to Marketplaces", "Rule 7.1" and "Securities Legislation" and associated compliance review procedures;
(b) amending the term "restricted list" to "restricted security";
(c) amending the term "firm restricted list" to "firm trading restriction"; and
(d) deleting references to Rule 7.8 and Rule 7.9 and substituting reference to Rule 7.7 in regard to "restricted issues".
4. Policy 7.1 is further amended by adding the following Parts:
Part 7 -- Specific Provisions Applicable to Electronic Access
Trading supervision related to electronic access to marketplaces must be performed by a Participant or Access Person in accordance with a documented system of risk management and supervisory controls, policies and procedures reasonably designed to ensure the management of the financial, regulatory and other risks associated with electronic access to marketplaces.
The risk management and supervisory controls, policies and procedures employed by a Participant or Access Persons must include:
• automated controls to examine each order before entry on a marketplace to prevent the entry of an order which would result in:
• the Participant or Access Person exceeding pre-determined credit or capital thresholds,
• a client of the Participant exceeding pre-determined credit or other limits assigned by the Participant or to that client, or
• the Participant, Access Person or client of the Participant exceeding pre-determined limits on the value or volume of unexecuted orders for a particular security or class of securities;
• provision to prevent the entry of an order this is not in compliance with Requirements;
• provision of immediate order and trade information to compliance staff of the Participant or Access Person; and
• regular post-trade monitoring for compliance with Requirements.
A Participant or Access Person is responsible and accountable for all functions that they outsource to a service provider as set out in Part 11 of Companion Policy 31-103CP Registration Requirements and Exemptions.
Supervisory and compliance monitoring procedures must be designed to detect and prevent account activity that is or may be a violation of Requirements which includes applicable securities legislation, requirements of any self-regulatory organization applicable to the account activity and the rules and policies of any marketplace on which the account activity takes place. These procedures must include "post-order entry" compliance testing enumerated under Part 1 of Policy 7.1 to detect orders that are not in compliance with specific rules, and by addressing steps to monitor trading activity, as provided under Part 5 of Policy 7.1, of any person who has multiple accounts, with the Participant and other accounts in which the person has an interest or over which the person has direction or control.
Part 8 -- Specific Provisions Applicable to Automated Order Systems
Trading supervision by a Participant or Access Person must be in accordance with a documented system of risk management and supervisory controls, policies and procedures reasonably designed to ensure the management of the financial, regulatory and other risks associated with the use of an automated order system by the Participant, the Access Person or any client of the Participant.
Each Participant or Access Person must have a level of knowledge and understanding of any automated order system used by the Participant, the Access Person or any client of the Participant that is sufficient to allow the Participant or Access Person to identify and manage the risks associated with the use of the automated order system.
The Participant or Access Person must ensure that every automated order system used by the Participant, the Access Person or any client of the Participant is tested in accordance with prudent business practices initially before use and at least annually thereafter. A written record must be maintained with sufficient details to demonstrate the testing of the automated order system undertaken by the Participant, Access Person and any third party employed to provide the automated order system or risk management or supervisory controls, policies and procedures.
The scope of appropriate order and trade parameters, policies and procedures should be tailored to the strategy or strategies being pursued by an automatic order system with due consideration to the potential market impact of defining such parameters too broadly and in any event must be set so as not to exceed the marketplace thresholds applicable to the marketplace on which the order is entered or would otherwise exceed the limits publicly disclosed by the Market Regulator for the exercise of the power of a Market Integrity Official under Rule 10.9 of UMIR.
The Market Regulator expects the risk management and supervisory controls, policies and procedures to comply with the Electronic Trading Rules and be reasonably designed to prevent the entry of any order that would interfere with fair and orderly markets. This includes adoption of compliance procedures for trading by clients, if applicable, containing detailed guidance on how testing of client orders and trades is to be conducted to ensure that prior to engagement and at least annually thereafter, each automated order system is satisfactorily tested assuming various market conditions. In addition to regular testing of the automated order systems, preventing interference with fair and orderly markets requires development of pre-programmed internal parameters to prevent or "flag" with alerts on a real-time basis, the entry of orders and execution of trades by an automated order system that exceed certain volume, order, price or other limits.
Each Participant or Access Person must have the ability to immediately override or disable automatically any automated order system and thereby prevent orders generated by the automated order system from being entered on any marketplace.
Notwithstanding any outsourcing or authorization over of risk management and supervision controls, a Participant or Access Person is responsible for any order entered or any trade executed on a marketplace, including any order or trade resulting from the improper operation or malfunction of the automated order system. This responsibility includes instances in which the malfunction which gave rise to a "runaway" algorithm is attributed to an aspect of the algorithm or automated order system that was not "accessible" to the Participant or Access Person for testing.

Appendix B -- Comments Received in Response to

Rules Notice 12-0200 -- Request for Comments -- UMIR -- Provisions Respecting Electronic Trading

On June 28, 2012, IIROC issued IIROC Notice 12-0200 requesting comments on proposed amendments to UMIR respecting electronic trading ("Proposed Amendments"). IIROC received comments on the Proposed Amendments from:

CIBC World Markets Inc. ("CIBC")
Investment Industry Association of Canada ("IIAC")
RBC Capital Markets ("RBC")
Scotia Capital Inc. ("Scotia")
TD Securities Inc. ("TD")

A copy of the comment letters received in response to the Proposed Amendments is publicly available on the website of IIROC (www.iiroc.ca under the heading "Notices" and sub-heading "Marketplace Rules -- Request for Comments"). The following table presents a summary of the comments received on the Proposed Amendments together with the responses of IIROC to those comments. Column 1 of the table highlights the revisions to the Proposed Amendments on the approval of the Amendments.

Text of the Provisions Approval of the Amendments (Revisions to the Proposed Amendments Highlighted)					Commentator and Summary of Comment	IIROC Response to Commentator and Additional IIROC Commentary

Definitions

"Electronic Trading Rules" means National Instrument 23-103 Electronic Trading as amended, supplemented and in effect from time to time.

1.2	Interpretation

(1)	Unless otherwise defined or interpreted, every term used in UMIR that is:

	(a)	defined in subsection 1.1(3) of National Instrument 14-101 Definitions has the meaning ascribed to it in that subsection;

	(b)	defined or interpreted in the Marketplace Operation Instrument has the meaning ascribed to it in that National Instrument;

	(c)	defined or interpreted in the Electronic Trading Rules has the meaning ascribed to it in that National Instrument; and

	(d)	a reference to a requirement of an Exchange or a QTRS shall have the meaning ascribed to it in the applicable Marketplace Rule.

7.1	Trading Supervision Obligations				Scotia -- Seeks clarification on whether a procedure where a third party vendor sets or adjusts risk limits at the specific written request of the Participant would be considered acceptable.	The Amendments require that the Participant establish a system of risk management and supervisory controls, policies and procedures. The Amendments permit the Participant to authorize an investment dealer to perform on its behalf the setting or adjusting of a specific risk management or supervisory control, policy or procedure. If the Participant uses a third party to provide the supervisory controls, policies and procedures, the Participant or an authorized investment dealer must be the only persons that may set or adjust the controls even though the setting or adjustment will be effected by the third party provider. IIROC has revised the Guidance on Electronic Trading to clarify this point.

...

(6)	Notwithstanding any other provision of this Rule, a Participant or an Access Person shall adopt, document and maintain a system of risk management and supervisory controls, policies and procedures reasonably designed, in accordance with prudent business practices, to ensure the management of the financial, regulatory and other risks associated with:

	(a)	access to one or more marketplaces; and

	(b)	if applicable, the use by the Participant, any client of Participant or the Access Person of an automated order system.

(7)	A Participant may, on a reasonable basis:

	(a)	authorize an investment dealer to perform on its behalf the setting or adjusting of a specific risk management or supervisory control, policy or procedure; or

	(b)	use the services of a third party that provides risk management and supervisory controls, policies and procedures.

(8)	An authorization over the setting or adjusting of a specific risk management or supervisory control, policy or procedure or retaining the services of a third party under subsection (7) must be in a written agreement with the investment dealer or third party that;

	(a)	precludes the investment dealer or third party from providing any other person control over any aspect of the specific risk management or supervisory control, policy or procedure;

	(b)	unless the authorization is to an investment dealer that is a Participant, precludes the authorization to the investment dealer over the setting or adjusting of a specific risk management or supervisory control, policy or procedure respecting an account in which the investment dealer or a related entity of the investment dealer holds a direct or indirect interest other than an interest in the commission charged on a transaction or reasonable fee for the administration of the account; and

	(c)	precludes the use of a third party unless the third party is independent of each client of the Participant other than affiliates of the Participant.

(9)	A Participant shall forthwith notify the Market Regulator:

	(a)	upon entering into a written agreement with an investment dealer or third party described in subsection (8), of:

		(i)	the name of the investment dealer or third party, and

		(ii)	the contact information for the investment dealer or the third party which will permit the Market Regulator to deal with the investment dealer or third party immediately following the entry of an order or execution of a trade for which the Market Regulator wants additional information; and

	(b)	of any change in the information described in clause (a).

(10)	The Participant shall review and confirm:

	(a)	at least annually that:

		(i)	the risk management and supervisory controls, policies and procedures under subsection (6) are adequate,

		(ii)	the Participant has maintained and consistently applied the risk management and supervisory controls, policies and procedures since the establishment of the controls, policies and procedures or the date of the last annual review, and

		(iii)	any deficiency in the adequacy of a control, policy or procedure has been documented and promptly remedied;

	(b)	if the Participant has authorized an investment dealer to perform on its behalf the setting or adjusting of a specific risk management or supervisory control, policy or procedure to an investment dealer or retained the services of a third party, at least annually by the anniversary date of the written agreement with the investment dealer or third party that:

		(i)	the risk management and supervisory controls, policies and procedures adopted by the investment dealer or third party under subsection (6) are adequate,

		(ii)	the investment dealer or third party has maintained and consistently applied the risk management and supervisory controls, policies and procedures since the establishment of the controls, policies and procedures or the date of the last annual review, and

		(iii)	any deficiency in the adequacy of a control, policy or procedure has been documented by the Participant and promptly remedied by the investment dealer or third party, and

		(iv)	the investment dealer or third party is in compliance with the written agreement with the Participant.

7.11	Variation, Cancellation and Correction of Trades				IIAC -- Not clear why consent from the Market Regulator is required to vary, cancel or correct a trade when the error is caused by a system or technological malfunction of the marketplace systems or an individual acting on behalf of the marketplace. Would support a notice requirement.	UMIR imposes a number of obligations which are measured across marketplaces (e.g. provisions related to the prevention of trade-throughs under the Order Protection Rule). While a marketplace may look at activity on its own marketplace when making a decision to vary, cancel or correct, IIROC as the Market Regulator must ensure that the overall result is consistent with a "fair and orderly market" (such as ensuring that trades that may have been triggered or followed on from the "erroneous" trade on the one marketplace have been dealt with at the same time and in the same fashion. In the view of IIROC, a notice requirement would lead to uncertainty and confusion with respect to the disposition of "affected" trades that occurred on other marketplaces.

No trade executed on a marketplace shall, subsequent to the execution of the trade, be:

	(a)	cancelled; or

	(b)	varied or corrected with respect to:

		(i)	the price of the trade,

		(ii)	the volume of the trade, or

		(iii)	the date for settlement of the trade,

	except:

	(c)	by the Market Regulator in accordance with UMIR;

	(d)	with the prior consent of the Market Regulator, if the variation, cancellation or correction would be necessary to correct an error caused by a system or technological malfunction of the marketplace's systems or equipment or caused by an individual acting on behalf of the marketplace; or

	(e)	with notice to the Market Regulator immediately following the variation, cancellation or correction of the trade in such form and manner as may be required by the Market Regulator and such notice shall be given, if the variation, cancellation or correction is made:

		(i)	prior to the settlement of the trade, by:

			(A)	the marketplace on which the trade was executed at the request of a party to the trade and with the consent of each Participant and Access Person that is a party to the trade, or

			(B)	the clearing agency through which the trade is or was to be cleared and settled, and

		(ii)	after the settlement of the trade, by each Participant and Access Person that is a party to the trade.

10.17	Gatekeeper Obligations with Respect to Electronic Trading

(1)	A Participant that has, under Rule 7.1, authorized an investment dealer to perform on its behalf the setting or adjusting of a specific risk management or supervisory control, policy or procedure to an investment dealer or the provision of risk management or supervisory controls, policies and procedures to a third party shall forthwith report to the Market Regulator the fact that:

	(a)	the written agreement with the investment dealer or third party has been terminated; or

	(b)	the Participant knows or has reason to believe that the investment dealer or third party has failed to promptly remedy any deficiency identified by the Participant.

Policy 7.1 -- Trading Supervision Obligations

Part 1 -- Responsibility for Supervision and Compliance

...

In performing the trading supervision obligations, the Participant will act as a "gatekeeper" to help prevent and detect violations of applicable Requirements.

When an order is entered on a marketplace without the involvement of a trader, the Participant retains responsibility for that order and the supervision policies and procedures should adequately address the additional risk exposure which the Participant may have for orders that are not directly handled by staff of the Participant. For example, it may be appropriate for the Participant to sample for compliance testing a higher percentage of orders that have been entered directly by clients than the percentage of orders sampled in other circumstances.

In addition, the "post-order entry" compliance testing should recognize that the limited involvement of staff of the Participant in the entry of orders by a direct access client may restrict the ability of the Participant to detect orders that are not in compliance with specific rules. For example, "post-order entry" compliance testing may be focused on whether an order entered by a direct access client:

	•	has created an artificial price contrary to Rule 2.2;

	•	is part of a "wash trade" (in circumstances when the client has more than one account with the Participant);

	•	is an unmarked short sale (if the trading system of the Participant does not automatically code as "short" any sale of a security not then held in the account of the client other than a client required to use the "short-marking exempt" designation); and

	•	has complied with other order marking requirements and in particular the requirement to mark an order as from an insider or designated shareholder.

Policy 7.1 -- Trading Supervision Obligations

Part 2 -- Minimum Element of a Supervision System

...

The Market Regulator recognizes that there is no one supervision system that will be appropriate for all Participants. Given the differences among firms in terms of their size, the nature of their business, whether they are engaged in business in more than one location or jurisdiction, the experience and training of its employees and the fact that effective jurisdiction can be achieved in a variety of ways, this Policy does not mandate any particular type or method of supervision of trading activity. Furthermore, compliance with this Policy does not relieve Participants from complying with specific Requirements that may apply in certain circumstances. In particular, in accordance with subsection (2) of Rule 10.1, orders entered (including orders entered by a client, an investment dealer under a routing arrangement or by a client through an order execution services) must comply with the Marketplace Rules on which the order is entered and the Marketplace Rules on which the order is executed.

...

Policy 7.1 -- Trading Supervision Obligations

Part 3 -- Minimum Compliance Procedures for Trading on a Marketplace

Minimum Compliance Procedures	Compliance Review Procedures		Potential Information Sources		Frequency and Sample Size

Restricted Security	•	review for any trading of restricted issues done by proprietary or employee accounts	•	order tickets	•	daily

Rule 2.2			•	the diary list

Rule 7.7			•	trading blotters

			•	firm trading restriction

			•	monthly statements

Electronic Access to Market-places	•	pre-trade order review:	•	automated pre-trade controls	•	daily
Rules 7.1	•	prevent entry of orders on an order-by order basis that exceed pre-defined price and size parameters;	•	real-time alert systems

Securities Legislation	•	prevent entry of orders that do not comply with marketplace and regulatory requirements	•	immediate order and trade information including execution reports.

	•	systema-tically prevent one or more orders from exceeding pre-determined credit and capital thresholds.

	•	monitor for unauthorized access to trading systems of Participant or Access Person.

Policy 7.1 -- Trading Supervision Obligations

Scotia -- Concerned that while smart order routers are defined as an automated order system there generally is not any capacity to change an order using the smart order router system directly.

The Amendments will require automated controls to evaluate orders "before entry on a marketplace". The effect of the Amendments is to require orders to have "passed through" filters that are under the control of the Participant or Access Person entering the order. If orders do not pass through automated controls that have been set by the Participant prior to entry to a smart order router, the automated controls would have to be at the level of the smart order router. IIROC recognizes that current smart order routers in use in Canada do not have that capacity. Without this capacity, orders from a client could not be entered directly to a smart order router without passing through automated controls that have been set by the Participant.

Part 7 -- Specific Provisions Applicable to ~~Direct~~ Electronic Access

Trading supervision related to electronic access to marketplaces must be performed by a Participant or Access Person in accordance with a documented system of risk management and supervisory controls, policies and procedures reasonably designed to ensure the management of the financial, regulatory and other risks associated with electronic access to marketplaces.

IIROC has revised the Guidance on Electronic Trading to clarify this point.

The risk management and supervisory controls, policies and procedures employed by a Participant or Access Persons must include:

•

automated controls to examine each order before entry on a marketplace to prevent the entry of an order which would result in:

•

the Participant or Access Person exceeding pre-determined credit or capital thresholds,

•

a client of the Participant exceeding pre-determined credit or other limits assigned by the Participant to that client, or

•

the Participant, Access Person or client of the Participant exceeding pre-determined limits on the value or volume of unexecuted orders for a particular security or class of securities;

•

provision to prevent the entry of an order that is not in compliance with Requirements;

•

provision of immediate order and trade information to compliance staff of the Participant or Access Person; and

•

regular post-trade monitoring for compliance with Requirements.

A Participant or Access Person is responsible and accountable for all functions that they outsource to a service provider as set out in Part 11 of Companion Policy 31-103CP Registration Requirements and Exemptions.

RBC -- Requests that IIROC outline the specific pre-order entry checks that dealers are expected to implement on a real-time basis. Suggests that the requirement be standardized to that provided for under National Instrument 23-103, namely "that must be satisfied on a pre-order entry basis".

The minimum "automated controls" are set out in the three sub-bullets contained in the first bullet. In particular, the automated controls must examine each order before entry on a marketplace [emphasis added] to prevent the entry of an order which would result in:

•

the Participant or Access Person exceeding pre-determined credit or capital thresholds,

•

a client of the Participant exceeding pre-determined credit or other limits assigned by the Participant to that client, or

•

the Participant, Access Person or client of the Participant exceeding pre-determined limits on the value or volume of unexecuted orders for a particular security or class of securities.

Supervisory and compliance monitoring procedures must be designed to detect and prevent account activity that is or may be a violation of Requirements which includes applicable securities legislation, requirements of any self-regulatory organization applicable to the account activity and the rules and policies of any marketplace on which the account activity takes place. These procedures must include "post-order entry" compliance testing enumerated under Part 1 of Policy 7.1 to detect orders that are not in compliance with specific rules, and by addressing steps to monitor trading activity, as provided under Part 5 of Policy 7.1, of any person who has multiple accounts, with the Participant and other accounts in which the person has an interest or over which the person has direction or control.

The second bullet which requires the risk management and supervisory controls, policies and procedures to include provision to prevent the entry of an order that is not in compliance with Requirements is, in effect, for Participants a restatement of an existing UMIR provisions under Rule 7.1. In particular, Rule 7.1(2) requires:

"Prior to the entry of an order on a marketplace by a Participant, the Participant shall comply with:

(a)

applicable regulatory standards with respect to the review, acceptance and approval of orders;

(b)

the policies and procedures adopted in accordance with subsection (1); and

(c)

all requirement of UMIR and each Policy."

The inclusion of this bullet in Part 7 of Policy 7.1 has the effect of extending the requirement to Access Persons who have electronic access to a marketplace.

TD -- Would like to confirm that in cases when an order is entered on a marketplace with the involvement of a trader that the trader may continue to perform the trade supervision function rather than relying on automated controls for trade supervision. Believes that it is not feasible to apply an automated pre-trade control to limit a client's settlement risk or margin requirements on a real-time basis across all asset classes or all electronic access channels. Similar problems would be encountered for capital limits for internal traders.

Policy 7.1 must be read in its entirety. Various parts of the Policy deal with different means by which orders are "received" by a Participant and how the Participant enters those orders on a marketplace. Underpinning the Policy is the requirement for enhanced supervision and monitoring of orders that are not inter-mediated by traders or registered employees of the Participant. Orders which are received electronically by a Participant and entered on a marketplace by the Participant electronically without intermediation by a registered employee will be subject to automated pre-entry controls which reflect that fact. Nonetheless, if orders are intermediated, the Amendments will require that there be automated pre-entry controls that are appropriate to the orders being entered by that trader. For example, among the appropriate automated pre-entry controls would be "fat finger" checks and value limits applicable to the trader.

The Amendments do not require one aggregate client risk calculation across different electronic access channels or asset classes. The Amendments permit a separate limit to be determined for each channel or asset class. Participants are able to continue to assess the aggregate client risk on a post-trade basis. The Amendments permit capital limits on each access channel independently and Participants are able to continue to assess aggregate market risk on a post-trade basis.

IIROC has modified the Guidance on Electronic Trading to clarify these points.

A drafting error has been corrected by deleting the word "Direct" from the title of Part 7. In IIROC Notice 12-0200, the text of the proposed provision was correct in Appendix B but the draft of the proposed amendments set out in Appendix A contained the word.

Policy 7.1 -- Trading Supervision Obligations

Part 8 -- Specific Provisions Applicable to Automated Order Systems

Trading supervision by a Participant or Access Person must be in accordance with a documented system of risk management and supervisory controls, policies and procedures reasonably designed to ensure the management of the financial, regulatory and other risks associated with the use of an automated order system by the Participant, the Access Person or any client of the Participant.

Each Participant or Access Person must have a level of knowledge and understanding of any automated order system used by the Participant, the Access Person or any client of the Participant that is sufficient to allow the Participant or Access Person to identify and manage the risks associated with the use of the automated order system.

The Participant or Access Person must ensure that every automated order system used by the Participant, the Access Person or any client of the Participant is tested in accordance with prudent business practices initially before use and at least annually thereafter. A written record must be maintained with sufficient details to demonstrate the testing of the automated order system undertaken by the Participant, Access Person and any third party employed to provide the automated order system or risk management or supervisory controls, policies and procedures.

The scope of appropriate order and trade parameters, policies and procedures should be tailored to the strategy or strategies being pursued by an automatic order system with due consideration to the potential market impact of defining such parameters too broadly and in any event must be set so as not to exceed the marketplace thresholds applicable to the marketplace on which the order is entered or would otherwise exceed the limits publicly disclosed by the Market Regulator for the exercise of the power of a Market Integrity Official under Rule 10.9 of UMIR.

The Market Regulator expects the risk management and supervisory controls, policies and procedures to comply with the Electronic Trading Rules and be reasonably designed to prevent the entry of any order that would interfere with fair and orderly markets. This includes adoption of compliance procedures for trading by clients, if applicable, containing detailed guidance on how testing of client orders and trades is to be conducted to ensure that prior to engagement and at least annually thereafter, each automated order system is satisfactorily tested assuming various market conditions. In addition to regular testing of the automated order systems, preventing interference with fair and orderly markets requires development of pre-programmed internal parameters to prevent or "flag" with alerts on a real-time basis, the entry of orders and execution of trades by an automated order system that exceed certain volume, order, price or other limits.

Each Participant or Access Person must have the ability to immediately override or disable automatically any automated order system and thereby prevent orders generated by the automated order system from being entered on any marketplace.

Notwithstanding any outsourcing or permitted authorization over risk management and supervision controls, a Participant or Access Person is responsible for any order entered or any trade executed on a marketplace, including any order or trade resulting from the improper operation or malfunction of the automated order system. This responsibility includes instances in which the malfunction which gave rise to a "runaway" algorithm is attributed to an aspect of the algorithm or automated order system that was not "accessible" to the Participant or Access Person for testing.

General Comments

CIBC -- "Extremely challenging" to meet the March 1, 2013 target implementation date of National Instrument 23-103. Encourages IIROC to allow for a longer implementation period. Points to the fact that it took 13 months to implement Rule 15c3-5 in the US. CIBC sees "risks associated with a poorly designed or poorly implemented solution". In particular, CIBC notes that options and derivatives traded on the Montreal Exchange are subject to NI 23-103 and they seek greater clarity on the implementation of pre-trade credit thresholds for those asset classes. Suggests a phased introduction by either asset class and/or type of pre-trade control. As recognized in the US with the Knight Capital issues, technical changes at the marketplace level can have a severe impact for both the participant and overall market integrity. Believes that there should be a "pause" in allowing marketplaces to introduce enhancements.

Unlike NI 23-103, the UMIR provisions will only apply to a single asset class, namely listed equities (as UMIR is not applicable to the trading of fixed income or derivatives).

While the amendments will be effective March 1, 2013, IIROC recognizes that additional time may be required to complete testing of automated pre-trade controls. IIROC expects that Participants will use best efforts to complete testing and implement such controls by March 1, 2013 but IIROC will permit testing to continue until May 31, 2013 at which time IIROC expects testing to be complete and that the automated controls will be fully operational.

While IIROC is cognizant of the regulatory burden which is being imposed on marketplaces, Participants and Access Persons as a result of recent initiatives, the initiatives have dealt with developments in the market for which a regulatory response was considered appropriate. As a regulation services provider, IIROC's primary role with respect to "marketplace enhancements" is to ensure they do not interfere with a "fair and orderly" market.

IIAC -- Generally supportive of the objective of the Proposed Amendment but has serious concerns about the implementation period. Notes that IIAC members currently conduct their business using many different systems which are combinations of proprietary and third party systems. Significant work to develop, test and implement.

IIROC, in conjunction with the CSA, conducted a survey of IIAC members on their preparedness for implementation of ETR on March 1, 2013. The responses indicated that additional testing time may be needed or would be desirable. The responses confirmed that there were no specific provisions of the Proposed Amendments that could not be implemented by March 1, 2013. See response to CIBC above regarding the provision of additional time to complete testing of automated pre-trade controls.

Scotia -- Believes that the most reliable place to protect against "flash crash" types of events is at the marketplace level. The planned marketplace thresholds are a good step but suggests additional enhancements:

While marketplaces have a role, the marketplace is not in a position to know if orders from a particular client are a risk to the Participant as well as to the integrity of the marketplace overall.

•

order activity limits (on the number of orders from an individual trading ID or the markets as a whole);

•

notional limits (on each trading ID as specified by the Participant); and

•

automated access to disable trading IDs (more flexible functionality to the cancel-on-disconnect service that many marketplaces already offer).

"Individual" trading IDs often bundle together orders from a number of clients or sources. In the view of IIROC, it is more appropriate for the Participant to enforce these types of limits at the account or client level. This ensures that the Participant is better able to control their own risk to a particular client but the interests of other clients or sources or orders are not compromised if a particular account goes "off side".

Scotia -- Project plans from vendors generally leave approximately two months for testing and deployment. March 1st implementation leaves "no margin for issues or delays and would be considered 'best case' scenarios". Believes that an extension of 3 months is absolutely necessary and that 6 months may be prudent "depending on feedback ... from other participants".

The Amendments will be effective March 1, 2013, the same date as the ETR. However, IIROC has acknowledged the significant systems impact of implementing automated controls prior to order entry on a marketplace. IIROC is therefore permitting a period for additional testing, if necessary until May 31, 2013.